diff --git a/src/warden-client/doc/README.cesnet b/src/warden-client/doc/README.cesnet
index 689cd9d46edc7dbaed05dfabb64d0583e6602282..fb1f474bd3e00004c714920e047400cbd39ae17e 100644
--- a/src/warden-client/doc/README.cesnet
+++ b/src/warden-client/doc/README.cesnet
@@ -88,7 +88,8 @@ C. Description tags
 
  1. Detection medium
 
-    * Network - network data based (Snort, Suricata, Bro, FTAS, LaBrea, Kippo)
+    * Network - network data based (Snort, Suricata, Bro, FTAS, LaBrea, Kippo,
+                Dionaea)
     * Host - host based (Swatch, Logcheck)
     * Correlation - corellation engines (Prelude, OSSIM)
     * External - credible external sources (incident reporting, ticket
@@ -97,7 +98,7 @@ C. Description tags
  2. Data source
 
     * Content - datagram content based detectors (Snort, Bro)
-    * Flow - netflow based (FTAS, FlowMon)
+    * Flow - netflow based (FTAS, FlowMon, HoneyScan)
     * Connection - connection data (portscan, portsweep)
     * Data - application data based (SpamAssassin, antiviruses)
     * Log - based on system logs, where more specific source is not
@@ -113,7 +114,7 @@ C. Description tags
 
  4. Detector/analyzer product name examples
 
-    * Snort, FTAS, SpamAssassin, LaBrea, Swatch, Prelude
+    * Snort, FTAS, SpamAssassin, LaBrea, Swatch, Prelude, Kippo, Dionaea
 
 --------------------------------------------------------------------------------
 D. Types of events